Claim Amendments 

The claims in the Application comprise the following: 

1. (Original) A communications security system to prevent transfer of selected 
communication transactions from an untrustworthy network to a trustworthy 
network, comprising: 

a server, connected to the untrustworthy network, that maintains a database 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

a portal, connected between the untrustworthy network and the trusted 
network, that: 

selectively transfers the database of protection rules from said server via 
said untrustworthy network; 

receives a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applies each of the protection rules to the received communication 
transaction; and 

prevents the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

2. (Original) The security system of claim 1 wherein the transfer of the database 
from the server to the portal is via a secure protocol. 

3. (Original) The security system of claim 1: 

wherein each of said protection rules may be a selected one of two classes, 
exclusion or guard; and 

wherein the portal: 

prevents the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the 
exclusion class; but 

selectively transfers the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the guard 
class. 

4. (Original) The security system of claim 3 wherein the portal selectively 
transfers to the server at least a portion of each received communication 
transaction identified to be a respective one of the selected communication 
transactions. 

5. (Original) The security system of claim 4 wherein the server, in response to 
receiving said portion of a communication transaction identified to be a 
respective one of the selected communication transactions by a protection rule of 
the guard class, analyzes said portion to determine if said communication 
transaction represents a security threat to the trustworthy network, and, if it is so 
determined, constructs a new protection rule of the exclusion class and adds said 
new protection rule to said database. 

6. (Original) The security system of claim 5 wherein the server analyzes said 
portion using an expert system. 

7. (Original) The security system of claim 6 wherein the server constructs said 
new protection rule using the expert system. 

8. (Original) The security system of claim 7 wherein the expert system is guided 
by a human expert. 

9. (Original) The security system of claim 4 wherein the server, in response to 
receiving said portion of a communication transaction identified to be a 
respective one of the selected communication transactions by a protection rule of 
the guard class, provides said portion to a human expert to determine if said 
communication transaction represents a security threat to the trustworthy 
network, receives new protection rules from said human expert, and adds said 
new protection rules to said database. 

10. (Original) A communications security method to prevent transfer of selected 
communication transactions from an untrustworthy network to a trustworthy 
network, comprising: 

at a server, connected to the untrustworthy network, maintaining a database 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

at a portal, connected between the untrustworthy network and the trusted 
network: 

selectively transferring the database of protection rules from said server 
via said untrustworthy network; 

receiving a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applying each of the protection rules to the received communication 
transaction; and 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

11. (Original) The security method of claim 10 wherein the transfer of the 
database from the server to the portal is via a secure protocol. 

12. (Original) The security method of claim 10: 

wherein each of said protection rules may be a selected one of two classes, 
exclusion or guard; and 

wherein, at the portal, the step of preventing is further characterized as: 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the 
exclusion class; but 

selectively transferring the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions, if said protection rule is of the guard 
class. 

13. (Original) The security method of claim 12 further comprising, at the portal: 

selectively transferring to the server at least a portion of each received 
communication transaction identified to be a respective one of the 
selected communication transactions. 

14. (Original) The security method of claim 13 further comprising, at the server: 

receiving said portions of said communication transactions identified to be a 
respective one of the selected communication transactions; and 

in response to receiving said portion of a communication transaction 
identified to be a respective one of the selected communication 
transactions by a protection rule of the guard class, analyzing said 
portion to determine if said communication transaction represents a 
security threat to the trustworthy network, and, if it is so determined, 
constructing a new protection rule of the exclusion class and adding said 
new protection rule to said database. 

15. (Original) The security method of claim 14 further including, at the server: 
analyzing said portion using an expert system. 

16. (Original) The security method of claim 15 wherein, at the server, the step of 
constructing the new protection rule is further characterized as: 

constructing said new protection rule using the expert system. 

17. (Original) The security method of claim 16 wherein, at the server, the expert 
system is guided by a human expert. 

18. (Original) The security method of claim 13 further comprising, at the server: 

receiving said portions of said communication transactions identified to be a 
respective one of the selected communication transactions; and 

in response to receiving said portion of a communication transaction 
identified to be a respective one of the selected communication 
transactions by a protection rule of the guard class, providing said 
portion to a human expert to determine if said communication 
transaction represents a security threat to the trustworthy network, 
receiving new protection rules from said human expert, and adding said 
new protection rules to said database. 

19. (Original) A portal for use in a communications security system to prevent 
transfer of selected communication transactions from an untrustworthy network 
to a trustworthy network, the security system including a server, connected to 
the untrustworthy network, that maintains a database of protection rules, each of 
which, when applied to a communication transaction, identifies that 
communication transaction to be a respective one of the selected communication 
transactions, the portal, when connected between the untrustworthy network 
and the trusted network: 

selectively transferring the database of protection rules from said server 
via said untrustworthy network; 

receiving a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applying each of the protection rules to the received communication 
transaction; and 

preventing the transfer of the received communication transaction to the 
trustworthy network if a protection rule identifies the received 
communication transaction to be a respective one of the selected 
communication transactions. 

20. (Original) A server for use in a communications security system to prevent 
transfer of selected communication transactions from an untrustworthy network 
to a trustworthy network via a portal, the server, when connected to the 
untrustworthy network: 

maintaining a database of protection rules, each of which, when applied to a 
communication transaction, identifies that communication transaction to 
be a respective one of the selected communication transactions; and 

selectively transferring the database of protection rules via said 
untrustworthy network to said portal for application by said portal to 
each communication transaction received by said portal to prevent the 
transfer of the received communication transaction to the trustworthy 
network by the portal if a protection rule, when applied by the portal, 
identifies the received communication transaction to be a respective one 
of the selected communication transactions. 

21. (New) A communications security system to prevent transfer of selected 
communication transactions from an untrustworthy network to a trustworthy 
network, comprising: 

a server, connected to the untrustworthy network, that maintains a plurality 
of protection rules, each of which, when applied to a communication 
transaction, identifies that communication transaction to be a respective 
one of the selected communication transactions; and 

a portal, connected between the untrustworthy network and the trusted 
network, that: 

cooperates with the server to transfer the database of protection rules 
from said server to the portal via said untrustworthy network; 

receives a communication transaction from the untrustworthy network 
for transfer to the trustworthy network; 

applies each of the protection rules to the received communication 
transaction; and 

selectively transfers to the server at least a portion of the received 
communication transaction via the untrustworthy network if a 
protection rule identifies the received communication transaction to 
be a respective one of the selected communication transactions. 

22. (New) A portal for use in a communications security system to selectively 
transfer a communication transaction in accordance with a protection rule 
maintained by a server, the portal: 

transferring the protection rule from said server; 

receiving the communication transaction; 

applying the protection rule to the received communication transaction; 

preventing the transfer of the received communication transaction if 
required by the protection rule; and 

selectively transferring to the server at least a portion of the received 
communication transaction even if the protection rule allows transfer of 
the received communication transaction. 

23. (New) A communications security method wherein a portal selectively 
transfers a communication transaction in accordance with a first protection rule 
maintained by a server, comprising; 

transferring the first protection rule from said server to the portal; 

receiving at the portal the communication transaction; 

applying at the portal the first protection rule to the communication 
transaction; 

preventing at the portal the transfer of the communication transaction if 
required by the first protection rule; 

selectively transferring from the portal to the server at least a portion of the 
communication transaction even if the first protection rule allows 
transfer of the communication transaction; and 

selectively creating at the server a second protection rule in response to said 
portion of the communication transaction. 
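
The flow recited in claims 3 to 5 and 23 (guard-class hits pass through the portal but a portion goes to the server, which may answer with a new exclusion-class rule), as an added Python example that is not part of the application. The byte-substring rule form, the 64-byte portion, the precedence of exclusion over guard, and the `analyzer` callable standing in for the expert system or human expert are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

EXCLUSION, GUARD = "exclusion", "guard"  # the two rule classes of claim 3

@dataclass(frozen=True)
class Rule:
    pattern: bytes   # assumed rule form: byte-substring match
    rule_class: str  # EXCLUSION or GUARD
    def matches(self, txn: bytes) -> bool:
        return self.pattern in txn

@dataclass
class Server:
    # Hypothetical stand-in for the expert system or human expert of claims 5-9:
    # returns a signature to exclude, or None if the portion is not a threat.
    analyzer: Callable[[bytes], Optional[bytes]]
    database: List[Rule] = field(default_factory=list)
    def report(self, portion: bytes) -> None:
        signature = self.analyzer(portion)
        if signature is not None:
            rule = Rule(signature, EXCLUSION)  # claim 5: new exclusion rule
            if rule not in self.database:
                self.database.append(rule)

@dataclass
class Portal:
    server: Server
    rules: List[Rule] = field(default_factory=list)
    def sync(self) -> None:
        self.rules = list(self.server.database)  # transfer the rule database
    def handle(self, txn: bytes) -> bool:
        """Return True if txn may pass to the trustworthy network."""
        hits = [r for r in self.rules if r.matches(txn)]
        if any(r.rule_class == EXCLUSION for r in hits):
            return False                  # exclusion class: prevent transfer
        if hits:                          # guard class only: transfer, but
            self.server.report(txn[:64])  # send a portion to the server
        return True

def demo():
    # Constructed analyzer and traffic: any portion containing b"EVIL" is a threat.
    server = Server(lambda p: b"EVIL" if b"EVIL" in p else None, [Rule(b".exe", GUARD)])
    portal = Portal(server)
    portal.sync()
    first = portal.handle(b"GET /EVIL.exe")  # guard hit: passes and is reported
    portal.sync()                            # portal picks up the new exclusion rule
    return first, portal.handle(b"GET /EVIL.txt"), len(server.database)
```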